Title: domain mapping with https Last modified: August 22, 2016 --- # domain mapping with https * Resolved [Andrew](https://wordpress.org/support/users/snd26/) * (@snd26) * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/) * OK so my SSL journey is now at domain mapping. * Everything works with https perfectly except domain mapping. A mapped domain works as normal with http, but adding https I get the following error. * Your connection is not private * This server could not prove that it is mysite.com its security certificate is from *.mysite.com. This may be caused by a misconfiguration or an attacker intercepting your connection. * Proceed to mapped-domain.com (unsafe) * And IE will say: There is a problem with this website’s security certificate. * proceeding will cause the https to be red and crossed out. * Would this be a server issue? My previous SSL problem was my host needing to configure the server: [https://wordpress.org/support/topic/https-multisite-problem-with-subdomains](https://wordpress.org/support/topic/https-multisite-problem-with-subdomains)? * Every time a user maps a domain, should https work for it automatically without any manually server configurations each time? * note: I use server ip for domain mapping Viewing 7 replies - 1 through 7 (of 7 total) * Moderator [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/) * (@ipstenu) * 🏳️‍🌈 Advisor and Activist * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704380) * Your SSL cert is ‘wrong’ on your server. it’s not a WP issue. * > This server could not prove that it is mysite.com its security certificate > is from *.mysite.com. This may be caused by a misconfiguration or an attacker > intercepting your connection. > Proceed to mapped-domain.com (unsafe) * Notice how that says mysite.com adn then mapped-domain.com? That’s what’s going on. What kind of cert did you buy? * Thread Starter [Andrew](https://wordpress.org/support/users/snd26/) * (@snd26) * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704385) * I bought a wildcard SSL certificate from my host: [http://www.siteground.com/ssl_certificates.htm](http://www.siteground.com/ssl_certificates.htm) * The actual name of it on my account says ‘Alpha SSL Certificate’, so I believe it was a resell of this one: [http://www.alphassl.com/ssl-certificates/wildcard-ssl.html](http://www.alphassl.com/ssl-certificates/wildcard-ssl.html) * Thread Starter [Andrew](https://wordpress.org/support/users/snd26/) * (@snd26) * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704446) * I have just noticed the same happens on wordpress.com websites after looking at a few sites in their showcase, example: * qz.com – works fine [https://qz.com/](https://qz.com/) – exact same insecure error as me * That surprised me. so I have three questions about this. * 1. If I only make https appear in the admin (by using just the wp-config SSL define) I still don’t know how a user with a mapped domain would login to their admin (which will be https). So for example: mapped-domain.com – is fine but when I click on the top toolbar admin link to go to the admin: [https://mapped-domain.com/wp-admin](https://mapped-domain.com/wp-admin)– the https insecure error occurs. So how would the site administrator, for the site above (qz.com) get into their admin: [https://qz.com/wp-admin](https://qz.com/wp-admin)? I assume it needs to be somehow setup so when a user with a mapped domain goes to their admin, it goes to the original sub domain: admin: [https://site.mysite.com/wp-admin](https://site.mysite.com/wp-admin) frontend: mapped-doman.com how would I do that? * 2. But if possible, I would still prefer to keep https everywhere (frontend and admin), by forcing https with htaccess. So is it possible to have https on mapped- domains everywhere? * 3. If my second question isn’t possible, would it be possible to set it up how wordpress.com has it for their users sites, so https is everywhere, example: [https://sundoglitblog.wordpress.com/](https://sundoglitblog.wordpress.com/) But all sites with mapped-domains do not have https like the qz.com site above? providing I know the answer to my first question. * Hope all that made sense. Any help super appreciated. * Moderator [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/) * (@ipstenu) * 🏳️‍🌈 Advisor and Activist * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704490) * > I have just noticed the same happens on wordpress.com websites after looking > at a few sites in their showcase, example: > qz.com – works fine > [https://qz.com/](https://qz.com/) – exact same insecure > error as me * That’s not an error. It literally means they didn’t get an SSL cert…. * Look. Go to [https://halfelf.org](https://halfelf.org) – same problem right? BUT [https://store.halfelf.org/](https://store.halfelf.org/) works (it’ll redirect you to http, but that’s because you have nothing in the cart – [https://store.halfelf.org/checkout/](https://store.halfelf.org/checkout/) will stay https) * The point is ONLY [https://store.halfelf.org/](https://store.halfelf.org/) has the SSL cert so only that will work. That’s what you expect to happen. * You have to buy a cert for _each_ domain. It has nothing to do with WP, that’s how the internet works. You have to buy SSL certs if you want people to use SSL. Or make a self-signed cert. * Thread Starter [Andrew](https://wordpress.org/support/users/snd26/) * (@snd26) * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704503) * That’s understandable, perhaps this question was more appropriate for another forum if it is more of a general internet question – but I was unsure. * “You have to buy a cert for each domain.” * So, (apologise if this seems an obvious question to you) if a user maps a domain, they won’t be able to access the admin/login securely? But this was why I asked if it is possible to force the admin side to use the subdomain instead of the mapped domain so the user will at least benefit from my wildcard cert in the admin. (if that makes sense). * Moderator [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/) * (@ipstenu) * 🏳️‍🌈 Advisor and Activist * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704511) * > So, (apologise if this seems an obvious question to you) if a user maps a domain, > they won’t be able to access the admin/login securely? * Correct * > But this was why I asked if it is possible to force the admin side to use the > subdomain instead of the mapped domain so the user will at least benefit from > my wildcard cert in the admin. (if that makes sense). * I missed that.. YES you can. * Option 1) [https://wordpress.org/plugins/wordpress-mu-domain-mapping/](https://wordpress.org/plugins/wordpress-mu-domain-mapping/) has a specific option for that. * Option 2) … I THINK you can do it if you make the site URL for the sites the subdomain and not the mapped domain * Thread Starter [Andrew](https://wordpress.org/support/users/snd26/) * (@snd26) * [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704515) * Thanks Ipstenu, I’ll look into that. Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘domain mapping with https’ is closed to new replies. * In: [Networking WordPress](https://wordpress.org/support/forum/multisite/) * 7 replies * 2 participants * Last reply from: [Andrew](https://wordpress.org/support/users/snd26/) * Last activity: [11 years, 4 months ago](https://wordpress.org/support/topic/last-https-issue/#post-5704515) * Status: resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics